3
3 AUTORIZZAZIONE (da RFC 1909) For security reasons, it is often valuable to be able to restrict the access rights of some management applications to only a subset of the management information in the management domain. To provide this capability, access to a context (la MIB di un sistema gestito) is via a MIB view which details a specific set of managed object types (and optionally, the specific instances of object types) within that context. For example, for a given context, there will typically always be one MIB view which provides access to all management information in that context, and often there will be other MIB views each of which contains some subset of the information. Since managed object types (and their instances) are identified via the tree-like naming structure of ISO's OBJECT IDENTIFIERs, it is convenient to define a MIB view as the combination of a set of view subtrees, where each view subtree is a sub-tree within the managed object naming tree.

4
4 AUTORIZZAZIONE (da RFC 1909) - continua In addition to restricting access rights by identifying (sub-)sets of management information, it is also valuable to restrict the requests allowed on the management information within a particular context. For example, one management application might be prohibited from write-access to a particular context, while another might be allowed to perform any type of operation (diversi access mode). So, by providing access rights to a management application in terms of the particular (subset) MIB view it can access for that context, then the management application is restricted in the desired manner.

5
5 AUTENTICAZIONE e PRIVACY (da RFC 1909) The enforcement of access rights requires the means not only to identify the entity on whose behalf a request is generated but also to authenticate such identification. Another security capability which is (optionally) provided is the ability to protect the data within an SNMPv2 operation from disclosure (i.e., to encrypt the data). This is particularly useful when sensitive data (e.g., passwords, or security keys) are accessed via SNMPv2 requests.

26
26 RFC 1907: object-type citati object group: snmpCommunityGroup snmpInBadCommunityNames OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of SNMP messages delivered to the SNMP entity which used a SNMP community name not known to said entity." ::= { snmp 4 }

27
27 RFC 1907: object-type citati object group: snmpCommunityGroup snmpInBadCommunityUses OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of SNMP messages delivered to the SNMP entity which represented an SNMP operation which was not allowed by the SNMP community named in the message." ::= { snmp 5 }

28
28 RFC 1907: object-type citati object group: snmpGroup snmpInPkts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of messages delivered to the SNMP entity from the transport service." ::= { snmp 1 } snmpInBadVersions OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The total number of SNMP messages which were delivered to the SNMP entity and were for an unsupported SNMP version." ::= { snmp 3 }

Sul progetto

Feed-back

To ensure the functioning of the site, we use cookies. We share information about your activities on the site with our partners and Google partners: social networks and companies engaged in advertising and web analytics. For more information, see the Privacy Policy and Google Privacy &amp Terms.
Your consent to our cookies if you continue to use this website.